The official Flex team blog.

Archive for May, 2012

Recently, folks have been having trouble downloading Flex SDKs. We apologize for any inconvenience. Unfortunately, an interesting set of circumstances have arisen that we are scrambling to work around. If you want to know more, read on, but if you just need to grab an SDK, please try the SWF in the following link.

Here are the details:
1) Flex had a site on opensource.adobe.com. That site was using a version of wiki software that was prone to attack.
2) Adobe plans to host all of its open source projects at Open@Adobe
3) Flex SDKs aren’t completely “open”. They have Adobe licensed files in the downloads.

We had some contractors migrate the opensource.adobe.com site to Open@Adobe so we could shut down opensource.adobe.com. I tested out the download links but didn’t notice they still used a page on opensource.adobe.com. Then, a few weeks ago, we shutdown opensource.adobe.com and suddenly, you couldn’t download a Flex SDK.

When we went to migrate that page to Open@Adobe we found that the page was “interactive”. It had a checkbox that you had to click on in order to enable the download button. It turns out that the wiki on Open@Adobe does not allow that kind of interactivity for security reasons. We explored various ways of trying to replicate that click-thru license on Open@Adobe but were unsuccessful, and our legal advisors required us to keep that click-thru interface to make sure you understand the rules around what you are downloading.

It also turned out that trying to host the click-thru page on some other Adobe server was fraught with process and other difficulties. There would have to be security audits, chains of approvals, etc, and meanwhile folks would still not be able to download SDKs. So, I’ve hacked together this SWF for you to use for now.

So that’s why we are where we are. The Flex pages at Open@Adobe will point to this same SWF. Some folks have posted direct links to the Adobe downloads server as a workaround, but that bypasses the licensing requirement. It is best if you can use the SWF.

Again, sorry for the inconvenience. It is an interesting intersection of security and open-ness. This blog and opensource.adobe.com are hosted by Adobe which strictly limits who can create interactive content. Open@Adobe is hosted at SourceForge which is a lot less restrictive and who can create content so they have tighter rules on what that content can do.